Community User

Privacy Policy

Privacy Policy

We, Initium GmbH (hereinafter referred to as “we” or “Initium”), are happy about your interest in our website (hereinafter referred to as the “Online Service”). We take the protection of your personal data very seriously. Your personal data will be processed exclusively in accordance with the statutory provisions of data protec-tion law, in particular the General Data Protection Regulation (hereinafter referred to as “GDPR”). With this Privacy Policy, we inform you about the processing of your personal data and about your rights as a data subject as affected in connection with the Online Service. For information on the processing of personal data in other areas, please refer to the respective specific privacy policies.

If we refer to this Privacy Policy from external social media profiles, the following explanations apply only insofar as the processing takes place in our area of responsibility and insofar as no more specific and therefore prior information on data protection is provided in the context of such social media profiles.

1. Data Controller and Data Protection Officer: Contact Details

Responsible for the data processing as controller in terms of data protection law is:

Initium GmbH
Stralauer Allee 12
10245 Berlin
Deutschland
Email: betroffenenrechte@initium.gmbh

If you have any questions or suggestions regarding data protection, please feel free to contact us. You can reach our data protection officer as follows:

Initium GmbH
Beauftragter für Datenschutz
Stralauer Allee 1
10245 Berlin
Deutschland
Email: datenschutzbeauftragter@initium.gmbh

2. Subject of Data Protection

The subject of data protection is the protection of personal data. This is all information relating to an identi-fied or identifiable natural person (so-called data subject). This includes information such as name, postal address, email address or telephone number, but also other information that may be generated when using the Online Service, in particular information about the beginning, end and extent of use as well as the trans-mission of your IP address.

3. Purposes and Legal Basis of Data Processing

In the following, you will find an overview of the purposes and legal basis of data processing in connection with the Online Service. In any case, we process personal data in accordance with the legal requirements, even if in individual cases a different legal basis should be relevant than that stated below.

The provision of personal data by you may be required by law or contract or may be necessary for the con-clusion of a contract. We will point it out separately if you are obliged to provide personal data and what possible consequences the non-supply would then have (e.g. a loss of claims or our position not to provide the requested service without providing certain information). The use of the Online Service is generally pos-sible without registration. The use of individual functions may require prior registration. Even if you use the Online Service without registration, personal data may still be processed.

3.1 Performance of a contract and pre-contractual measures

We process your personal data if this is necessary for the performance of a contract to which you are a party or for the implementation of pre-contractual measures taken in response to your request. The data processing is based on Article 6 paragraph 1 letter b) GDPR. The purposes of processing include enabling the use of our specific products and services within the scope of the Online Service.

3.2 Compliance with legal obligations

We process your personal data to comply with legal obligations to which we are subject. The data pro-cessing is based on Article 6 paragraph 1 letter c) GDPR. These obligations may arise, for example, from commercial, tax, money laundering, financial or criminal law. The purposes of the processing result from the respective legal obligation; as a rule, the processing serves the purpose of complying with state control and information obligations.

3.3 Safeguarding of legitimate interests

We also process your personal data to pursue the legitimate interests of ourselves or third parties, unless your rights, which require the protection of your personal data, outweigh these interests. The data pro-cessing is based on Article 6 paragraph 1 letter f) GDPR. The processing to safeguard legitimate interests is carried out for the following purposes or to safeguard the following interests.

• Further development of products, services and support offers as well as other measures to control busi-ness transactions and processes;
• Improvement of product quality, elimination of errors and malfunctions, among other things by means of analysis of vehicle data and customer feedback;
• Handling of non-contractual inquiries and concerns;
• Risk management and coordination of recall actions;
• Credit assessment through data exchange with credit agencies
• Ensuring legally compliant actions, prevention of and protection against legal violations (especially crim-inal offences), assertion of and defense against legal claims, internal and external compliance measures;
• Ensuring availability, operation and security of technical systems as well as technical data management;
• Answering and evaluation of contact requests and feedback.

When you call up the Online Service, data relating to your end device and your use of the online offer are processed and stored in a so-called log file. This concerns in particular technical data such as date and time of access, duration of the visit, type of terminal device, operating system used, functions used, amount of data sent, IP address and referrer URL. We process this data to ensure technical operation and to determine and eliminate faults. In doing so, we pursue the interest of permanently ensuring technical operability. We do not use this data for the purpose of drawing conclusions about your person.

When we send emails for customer and prospect management, we may use commercially available technol-ogies such as tracking pixels or click-through links. This enables us to analyse which or how many emails are delivered and/or rejected and/or opened. The latter is done in particular using tracking pixels. It will not be possible to fully measure the opening rate of our emails using tracking pixels if you have deactivated the display of images in your email program. In this case, the email will not be displayed completely. However, we are still able to track whether an email has been opened if you click on text or graphic links in the email. By using click-through links, we can analyse which links in our emails are clicked and derive what interest there is in certain topics. When you click on the corresponding link, you are guided through our separate analysis server before the target page is called up. Based on the results of the analysis, we can make emails more relevant, send them in a more targeted manner or stop them from being sent. If you do not want such data to be collected and tracked, do not click on text or graphic links in emails.

3.4 Consent

We process your personal data on the basis of corresponding consent. The data processing is based on Article 6 paragraph 1 letter a) GDPR. If you give your consent, it is always for a specific purpose; the pur-poses of processing are determined by the content of your declaration of consent. You may revoke any consent you have given at any time, without affecting the legality of the processing that has taken place on the basis of the consent until revocation.

We send out newsletters after respective registration, i.e. with your consent. If the contents of the newsletter are specifically described in the context of a registration, these are decisive for the scope of the consent. Furthermore, our newsletters contain information about our products, offers, promotions and our company. The entity named in the registration process is responsible for processing your data. The registration is car-ried out by means of the so-called double opt-in procedure, i.e. after your registration you will receive an email asking you to confirm your registration in order to prevent the misuse of your email address. The reg-istrations for the newsletter are logged by us in order to be able to prove the registration process and the consent contained therein in accordance with the legal requirements. The logging of the registration and the necessary processing of the data entered by you during the registration process is accordingly based on our legitimate interests in accordance with Article 6 paragraph 1 letter f) GDPR. You can revoke your con-sent to receive our newsletter at any time, e.g. by unsubscribing from the newsletter. You will find an unsub-scribe link to exercise this right at the end of each newsletter.

3.5 Change of purpose

If we process your personal data for a purpose other than that for which the data was collected, beyond the scope of a corresponding consent or a mandatory legal basis, we will take into account, in accordance with Article 6 paragraph 4 GDPR, the compatibility of the original and the now pursued purpose, the nature of the personal data, the possible consequences of further processing for you and the guarantees for the protec-tion of the personal data.

3.6 Profiling

We do not carry out automated decision making or profiling in accordance with Article 22 GDPR. Profiling is only carried out to protect our legitimate interests as described above.

4. Access Authorizations in the End Device

Some functions of the Online Service require the granting of authorization to access your end device (e.g. access to location data). The granting of these authorizations is voluntary. However, if you wish to use the corresponding functions, you must grant the appropriate authorizations, otherwise you will not be able to use these functions. The permissions remain active as long as you have not reset them in your device by deactivating the respective setting.

5. Cookies and comparable Technologies

We use cookies and comparable technologies in connection with the Online Service which serve to com-municate with your end device and exchange stored information (hereinafter collectively referred to as “Cookies”). These Cookies are primarily used to make the functions of the Online Service usable. General examples in which the use of Cookies is technically required in this sense are the storage of a language selection, login data or a shopping or watch list. Accordingly, technically required Cookies may be used by us to enable the processing described in section 3.1 and to ensure the proper and secure operation of the Online Service. The data processing is then carried out on the basis of Article 6 paragraph 1 letters b) and f) GDPR, as it is necessary to implement the functions you have selected or to protect our legitimate interest in the functionality of the Online Service.

Insofar as we should also use Cookies in order to analyse the use of the Online Service and to be able to target it to your interests and, if necessary, to provide you with interest-based content and advertisements, this is done exclusively on the basis of your voluntary consent in accordance with Article 6 paragraph 1 letter a) GDPR. You will then have the opportunity to make the appropriate settings within the Online Service via the consent management. You may revoke any consent you have given at any time with effect for the future. Further information on Cookies and their function in detail as well as on setting and revocation op-tions can be found directly in the corresponding areas of the consent management]. Please note that we only make available the consent management in the context of the Online Service if, in addition to the above-mentioned technically required Cookies, consent based Cookies are to be used.

If you do not wish to use Cookies in general, you can also prevent their storage by adjusting the settings of your end device accordingly. Stored Cookies can be deleted at any time in the system settings of your ter-minal device. Please note that blocking certain types of Cookies can lead to impaired use of the Online Service.

6. Integrated Third-Party Services

Insofar as we integrate services of other providers within the scope of the Online Service in order to provide you with certain content or functions (e.g. playing videos) and we process personal data in the process, this is done on the basis of Article 6 paragraph 1 letters b) and f) GDPR. This is because the data processing is then necessary to implement the functions you have selected or to protect our legitimate interest in an opti-mal range of functions of the Online Service. Insofar as Cookies may be used within the scope of these third-party services, the statements under Section 5 apply. Please also refer to the privacy policy of the respective third-party provider with regard to the third-party services.

Services of other providers which we integrate or to which we refer are provided by the respective third par-ties. We have no influence on the content and function of the third-party services and are generally not re-sponsible for the processing of your personal data by their providers, unless the third-party services are completely designed on our behalf and then integrated by us on our own responsibility. Insofar as the inte-gration of a third-party service results in us establishing joint processes with its provider, we will define with this provider in an agreement on joint controllership pursuant to Article 26 GDPR how the respective tasks and responsibilities in the processing of personal data are structured and who fulfils which data protection obligations. Insofar as Cookies are to be set on the basis of your consent, you will receive further infor-mation on the responsibility for setting these Cookies and any associated third-party services in the corre-sponding areas of the consent management.

Unless otherwise stated, profiles on social media are generally only included in the Online Service as a link to the corresponding third-party services. After clicking on the integrated text/image link, you will be redi-rected to the offer of the respective social media provider. After the redirection, personal data may be col-lected directly by the third-party provider. If you are logged in to your user account of the respective social media provider, the provider may be able to assign the collected information of the specific visit to your personal user account. If you interact via a “share” button of the respective social media provider, this in-formation can be stored in the personal user account and published if necessary. If you want to prevent the collected information from being assigned directly to your user account, you must log out before clicking the included text/image link.

7. Recipients of personal Data

Within our company, only those persons who need your personal data for the respective purposes men-tioned have access to it. Your personal data will only be passed on to external recipients if we have legal permission to do so or have your consent. Below you will find an overview of the corresponding recipients:

• Commissioned processors: Group companies or external service providers, for example in the areas of technical infrastructure and maintenance, which are carefully selected and reviewed. The processors may only use the data in accordance with our instructions.
• Public bodies: Authorities and state institutions, such as tax authorities, public prosecutors’ offices or courts, to which we (must) transfer personal data, e.g. to fulfil legal obligations or to protect legitimate interests.
• Private bodies: Group companies, cooperation partners, (non-processor) service providers or commis-sioned persons such as financing banks, credit agencies or transport service providers.

8. Data Processing in Third Countries

If a data transfer takes place to entities whose registered office or place of data processing is not located in a member state of the European Union, another state party to the Agreement on the European Economic Area or a state for which an adequate level of data protection has been determined by a decision of the European Commission, we will ensure prior to the transfer that either the data transfer is covered by a statu-tory permit, that guarantees for an adequate level of data protection with regard to the data transfer are in place (e.g., through the agreement of contractual warranties, officially recognized regulations or binding internal data protection regulations at the recipient), or that you have given your consent to the data transfer.

If the data is transferred on the basis of Articles 46, 47 or 49 paragraph 1, subparagraph 2 GDPR, you can obtain from us a copy or reference to the availability of the guarantees for an adequate level of data protec-tion in relation to the data transfer. Please use the information provided under Section 1.

9. Storage Duration, Erasure of Data

We store your personal data, if there is legal permission to do so, only as long as necessary to achieve the intended purposes or as long as you have not revoked your consent. In the event of an objection to pro-cessing, we will delete your personal data, unless further processing is still permitted by law. We will also delete your personal data if we are obliged to do so for other legal reasons. Applying these general princi-ples, we will usually delete your personal data immediately

• after the legal permission has ceased to apply and provided that no other legal basis (e.g. commercial and tax law retention periods) intervenes. If the latter applies, we will delete the data after the other legal basis has ceased to apply;
• if your personal data is no longer required for the purposes we pursue and no other legal basis (e.g. commercial and tax law retention periods) intervenes. If the latter is the case, we will delete the data after the other legal basis has ceased to apply ;

10. Rights of Data Subjects

Right to access: You have the right to receive information about your personal data stored by us.

Right to rectification and erasure: You can demand that we correct incorrect data and, if the legal require-ments are met, delete your data.

Restriction of processing: You can demand that we restrict the processing of your data, provided that the legal requirements are met.

Data portability: If you have provided us with data on the basis of a contract or consent, you may, if the legal requirements are met, demand that the data you have provided us with are handed over in a structured, common and machine-readable format or that we transfer it to another controller.

Objection: You have the right to object at any time to data processing by us based on the safeguarding of legitimate interests for reasons arising from your particular situation. If you make use of your right to object, we will stop processing the data unless we can prove compelling reasons for further pro-cessing worthy of protection which outweigh your rights and interests.

Objection to direct marketing: If we process your personal data for the purpose of direct marketing, you have the right to object to our processing of your data for this purpose at any time. If you exercise your right to object, we will stop processing your data for this purpose.

Revocation of consent: If you have given us your consent to process your personal data, you can re-voke it at any time with effect for the future. The legality of the processing of your data until revocation remains unaffected.

Right to lodge a complaint with a supervisory authority: You can also lodge a complaint with the compe-tent supervisory authority if you believe that the processing of your data violates applicable law. You can contact the supervisory authority responsible for your place of residence or your country or the supervisory authority responsible for us.

Your contact with us and the exercise of your rights: Furthermore, you can contact us free of charge if you have questions regarding the processing of your personal data and your rights as a data subject. Please contact us at betroffenenrechte@initium.gmbh or by letter mail to the address provided under Sec-tion 1. Please make sure that we can definitely identify you. If you revoke your consent, you can alternative-ly choose the contact method that you used when you gave your consent.

11. Effective Date

The latest version of this Privacy Policy applies. This version dates from 13.01.2021.

Cookie Policy

Scope

This Cookie Policy supplements the general Privacy Policy for the Overtake website and describes the nature, scope and purposes of data processing in respect of cookies and similar technologies (hereafter summarized as “cookies”), and the legal grounds and rejection options for the same. Furthermore, all other information is covered by the general Privacy Policy for our website. Version dated 27.04.2020.

What are Cookies?

We use cookies to offer you a wide range of functions, to improve your user experience and to enable us to enhance our services. Cookies are generally small files that are stored on your device by your internet browser.

Categories of Cookies

We use cookies for different purposes and with different functions. This depends on whether or not use of the cookie or similar technology is essential for technical reasons (strictly necessary), how long it is to be stored and used (storage duration), and by whom it was set (whether it was set by our website itself or by third parties) (hereafter summarised as “cookie providers”).

Technical requirement
Essential technical cookies: We use certain cookies because they are absolutely essential in order for our website and its features to function correctly. These cookies are set automatically when you open the website or use a particular feature, unless you have prevented the setting of cookies via your browser internet options.
Cookies not required for technical reasons: In contrast, non-essential cookies are set to improve our website’s performance and make it more convenient to use, or to save certain settings that you have made. Moreover, we set technically non-essential cookies to obtain information about the frequency with which certain parts of our website are used, so that we can adapt this to your needs in future. We do not place any non-essential cookies on your device unless you accept them by clicking to confirm that you acknowledge our cookie policy and continue to use our website.

Storage period
Session cookies: Most cookies are required only for the duration of your actual session or use of our services and are deleted or lose their validity as soon as you exit our website or your current session comes to an end. They are therefore known as “session cookies”. Session cookies are used, for example, to retain certain information such as your login for the website during your session.

Persistent cookies: Cookies are occasionally stored over a longer period for the purposes of recognising you when you subsequently call up our website again and retrieving saved settings. This enables you to access our website more quickly and conveniently, and it means you do not have to repeat settings you already made, such as your chosen language. Persistent cookies are deleted automatically at the end of a predefined period when you visit the page or domain from which the cookie was set.

Flow cookies: These cookies are used for communication between the various internal servers. They are set when a user begins interacting with the app and deleted again when the interaction ends. During the interaction, flow cookies receive a unique identification number, but this does not allow them to identify the actual customer or user.

Cookie providers
Third-party cookies: Third-party cookies are placed and used by other bodies or websites such as providers of web analytics tools. Further information on web analysis tools and reach measurement is provided elsewhere in this policy. Third-party providers can also use cookies to display advertising or incorporate social network content such as social plugins.

Use of Cookies for Web Analytics and Reach Measurement.

We use the following web analytics and reach measurement services:

We use Google Analytics, a web analytics service provider of Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Analytics uses third-party cookies to measure how frequently certain areas of our website are used and to identify preferences. The information generated by the cookie concerning your use of the website (including your truncated IP address) will be transmitted to and stored by Google on a server in the United States. Google uses this information on our behalf on the basis of a processing contract to analyse your use of the website, to compile reports on website usage activities and to provide other services relating to service and Internet usage.

The statutory basis for the use of web analytics and reach management services such as Google Analytics is Article 6(1)(f) of the GDPR; our legitimate interest arises from the purposes described above and concerns in particular the analysis, optimisation and commercial operation of the website.

Deleting and Opting out of the Use of Cookies

Accepting cookies is not compulsory in order to use our website; if you would prefer not to have cookies saved on your device, you can disable the relevant setting in the Internet Options of your browser. Saved cookies can be deleted at any time in the system settings of your browser. However, if you choose not to accept any cookies, this can restrict the functions available to you.

To opt out of web analytics, you can also disable Google Analytics for using a browser add-on. Download it here: http://tools.google.com/dlpage/gaoptout?hl=de.
This will place an opt-out notice on your device which will disable Google Analytics. Please note that this opt-out notice will disable Google Analytics only on the device and browser you use to install it. You must also reinstall the add-on if you delete cookies from your device.

You can also enable the “do not track” function on your device. If this function is enabled, your device will tell the relevant service that you do not wish to be tracked.

Specifically, the following Cookies can be stored when You open Our Website:

Name of cookieTechnical requirementStorage periodCookie providersPurpose and interestLegal basis
wordpress_test_cookieYesSession (expires upon browser close)FUSEUsed to check if cookies are enabled on the browser.Art. 6 (1) (f) GDPR
pvc_visits[0]Yes24 hoursFUSEIt counts the number of visits to a post.
The cookie is used to prevent repeat views of a post by a visitor.
Art. 6 (1) (f) GDPR
comment_author_{HASH}Yes347 daysFUSEUsed to track comment author name, if “Save my name, email, and website in this browser for the next time I comment.” is checkedArt. 6 (1) (f) GDPR
comment_author_email_{HASH}Yes347 daysFUSEUsed to track comment author email, if “Save my name, email, and website in this browser for the next time I comment.” is checkedArt. 6 (1) (f) GDPR
comment_author_url_{HASH}Yes347 daysFUSEUsed to track comment author url, if “Save my name, email, and website in this browser for the next time I comment.” checkbox is checkedArt. 6 (1) (f) GDPR
voted_{ID}Yes30 daysFUSEUsed to track the vote status of the poll for current user.Art. 6 (1) (f) GDPR
RBBookmarkDataYes30 daysFUSEUsed to store user’s bookmarks.Art. 6 (1) (f) GDPR